Phishing Scam Targeting Faculty

Technology Services would like to draw your attention to a particularly well-designed email scam that is targeting researchers at the University of Illinois. This phishing scam attempts to steal NetID passwords by prompting the email recipient to click on what looks to be a University of Illinois hyperlink, and then log into a fake version of the University’s login page.

Instances of these emails have been addressed directly to faculty members requesting more information about published articles. In addition to the link to the fake login page, the email also may contain legitimate links to research articles.

If you receive a copy of this message, you are encouraged to simply delete it.

Technology Services strongly advises you to never enter your NetID and password on any page that looks like an Illinois login page until you have confirmed that the page is actually is from the University of Illinois. In this case, the fake login page had a bad URL that was similar to a valid Illinois URL (library.illinois.edu). However, the fake login page contained a few additional characters in the web address that made it a non-Illinois URL.

A copy of this email, as well as a screenshot of the fake login page and bad URL are available below.

If you received this kind of message and entered your NetID and password on the fake login page, or if you need assistance, please contact the Technology Services Help Desk at 217-244-7000 or by email (consult@illinois.edu)

Screenshots

A copy of the email:

A copy of the fake login page:

A close up of the bad URL, which was one of the only ways to spot that this was a fake login site. The URL ending in "illinois.edue.in" instead of "illinois.edu" was what made it a bad URL.